# wmap-autoscan.rc
# Author: m-1-k-3 (Web: http://www.s3cur1ty.de / Twitter: @s3cur1ty_de)
# This Metasploit RC file can be used to analyse web applications automatically.
# Before running it, use the crawler module or the autocrawler resource file
# so that the application has been learned first.
<ruby>
# Choose the wmap profile from the global WMAP_PROFILE datastore option:
#   unset      -> no profile; wmap_run is later called without a profile argument
#   "profile"  -> the sample profile shipped in the Metasploit install tree
#   otherwise  -> the option value itself is taken as the path of a profile file
#                 (for example a file kept in the .msf4 directory for web audits)
# NOTE(review): the value is used exactly as given and is later interpolated
# into the "wmap_run -e" console command; nothing here checks that the file
# exists or that the path is free of whitespace.
wmap_profile_opt = framework.datastore['WMAP_PROFILE']
profile =
  case wmap_profile_opt
  when nil
    nil
  when "profile"
    "#{Msf::Config.install_root}/data/wmap/wmap_sample_profile.txt"
  else
    wmap_profile_opt
  end
# Fall back to 50 threads when no global THREADS value has been set.
# The value is applied with "setg", so it is written to the global datastore
# rather than kept local to this script; set THREADS beforehand to use a lower
# value against targets that cannot take that much concurrent load.
run_single("setg THREADS 50") if framework.datastore['THREADS'].nil?
# Mirror the global VERBOSE option into a local flag: 1 only when the option is
# exactly the string "true", 0 for any other value or when it is unset.
verbose = framework.datastore['VERBOSE'] == "true" ? 1 : 0
# Load the wmap plugin unless the list of loaded plugins already mentions it.
# The check is a textual match on framework.plugins.to_s, not a lookup by name.
wmap_loaded = framework.plugins.to_s =~ /[Ww]map/
if wmap_loaded
  print_line("Wmap plugin already loaded ...")
else
  print_line("Loading the wmap plugin ...")
  run_single("load wmap")
end
# Stop early when no database is connected: the host loop that follows is
# driven entirely by framework.db.hosts. Only ConnectionNotEstablished is
# treated as "no database"; any other error still propagates.
db_connected =
  begin
    framework.db.hosts
    true
  rescue ::ActiveRecord::ConnectionNotEstablished
    false
  end

unless db_connected
  print_error("Database connection isn't established")
  return
end
# Walk every host returned by framework.db.hosts and run wmap against each of
# its open services whose name contains "http". Nothing here filters by address
# range: the set of scanned services is whatever the database holds.
#
# NOTE(review): host address, service port, site.vhost and profile are
# interpolated into console command strings without quoting or validation.
# They come from database records and a datastore option; a value containing
# whitespace would presumably change how run_single tokenizes the command --
# confirm, and review imported data when the database is fed from scan files
# produced elsewhere.
framework.db.hosts.each do |db_host|
  db_host.services.each do |svc|
    next unless svc.host
    next unless svc.state == Msf::ServiceState::Open
    # Unanchored match: any service name containing "http" qualifies.
    next unless svc.name =~ /http/

    if verbose == 1
      separator = "===================================="
      print_line("")
      print_line(separator)
      print_line("IP #{db_host.address}")
      print_line("OS #{db_host.os_name}")
      print_line("Servicename #{svc.name}")
      print_line("Service Port #{svc.port.to_i}")
      print_line("Service Protocol #{svc.proto}")
      print_line(separator)
      print_line("")
    end

    print_line("available sites:")
    run_single("wmap_sites -l")

    print_line("site which will get analyzed:")
    endpoint = "#{db_host.address}:#{svc.port}"
    run_single("wmap_sites -s #{endpoint}")
    run_single("wmap_targets -t #{endpoint}")

    # Add one target per virtual host recorded for this service.
    svc.web_sites.each do |site|
      run_single("wmap_targets -t #{site.vhost},#{endpoint}")
    end

    print_line("defined target:")
    run_single("wmap_targets -l")

    # Run with the selected profile file, or without one when none was chosen.
    run_single(profile.nil? ? "wmap_run -e" : "wmap_run -e #{profile}")

    # Empty the target list before the next service is processed.
    run_single("wmap_targets -c")

    print_line("")
    print_line("Finished analysing the webserver on IP #{db_host.address.to_s}, Port: #{svc.port.to_s}")
    print_line("")
  end
end
</ruby>